CVE-2010-0370

CVE-2010-0370 describes a cross-site scripting (XSS) vulnerability in the Drupal Node Blocks module (versions 5.x-1.1 and earlier, and 6.x-1.3 and earlier). The issue allows remote authenticated users with permissions to create/edit content and administer blocks to inject arbitrary web script or ...